Dynamic Prediction of Risk Levels for Manufacturing Operations through Leading Risk Indicators: Dynamic Risk Analyzer Engine

ABSTRACT

The dynamic risk analyzer (DRA) provided by the present invention periodically assesses real-time or historic process data, or both, associated with an operations site, such as a manufacturing, production, or processing facility, including a plant&#39;s operations, and identifies hidden near-misses of such operation, when in real time the process data appears otherwise normal. DRA assesses the process data in a manner that enables operating personnel including management at a facility to have a comprehensive understanding of the risk status and changes in both alarm and non-alarm based process variables. The hidden process near-miss data may be analyzed alone or in combination with other process data and/or data resulting from prior near-miss situations to permit strategic action to be taken to reduce or avert the occurrence of adverse incidents or catastrophic failure of a facility operation.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a continuation-in-part of and claims the priorityand benefit of U.S. patent application Ser. No. 14/511,729, entitled“Dynamic Prediction of Risk Levels for Manufacturing Operations throughLeading Risk Indicators: Alarm-based Intelligence and Insights, filedOct. 10, 2014. This application also claims the priority and benefit ofU.S. Provisional Patent Application Ser. No. 62/109,865, entitled“Dynamic Prediction of Risk Levels for Manufacturing Operations throughLeading Risk Indicators: Dynamic Risk Analyzer Engine,” filed on Jan.30, 2015. The entireties of each application are incorporated herein byreference in their entireties.

FIELD OF THE INVENTION

The dynamic risk analyzer (DRA) of the present invention periodicallyassesses real-time or historic process data, or both, associated with anoperations site, such as a manufacturing, production, or processingfacility, including a plant's operations, and identifies hiddennear-misses of such operation, when in real time the process dataappears otherwise normal. The DRA assesses the process data in a mannerthat enables operating personnel including management at a facility tohave a comprehensive understanding of the risk status and changes inboth alarm and non-alarm based process variables. The hidden processnear-miss data may be analyzed alone or in combination with otherprocess data and/or data resulting from prior near-miss situations topermit strategic action to be taken to reduce or avert the occurrence ofadverse incidents or catastrophic failure of a facility operation.

BACKGROUND OF THE INVENTION

Every low-probability, high-consequence adverse incident or catastrophicoperational failure at any production or processing facility, such as achemical plant, fluid-catalytic-cracking units (FCCU) at a petroleumrefinery, nuclear energy production plant, or even a biological facilityor waste management facility, is preceded by many high-probability,low-consequence events, which may or may not be recognized by alarms orare considered near-misses (Pariyani et al., Ind. Eng. Chem. Res.49:8062-8079 (2010a); Pariyani et al., 20th European Symposium onComputer Aided Process Engineering (ESCAPE) 28:175-180 (2010b)). Some ofthese events remain hidden in the background of normal operatingconditions. An ideal risk management system at the plant will accountfor the near-misses, especially those that are hidden, and developindicators to notify the operators in advance of undesirable incidentsthat are likely to happen. In particular, such knowledge becomes highlydesirable for unmanned plants/facilities.

For example, in the following situations, the public has been harmed byindustrial accidents, adverse events, and/or catastrophic failures thatcould have been avoided with a DRA system. For example, the USgovernment chemical safety board web site (www.csb.gov) is inundatedwith reports of accidents that took place in the chemical manufacturingfacilities in the recent years that cost several lives, as well asproperty damage. The recurring themes in the outcome of analysis ofthese accidents are a) the lack of preventive maintenance, and b) thelack of attention to process near-misses. Moreover, every year billionsof dollars are lost in the manufacturing industry due to “trips”(unexpected shutdowns due to malfunction of the equipment and/or controlsystems) at operational plants and facilities. For instance, there havebeen $6 billion/year losses recorded by US refineries from unexpectedshut downs and associated incidents of crude and fluidized catalyticcracking (FCC) units.

An additional condition, which is frequently observed in mostmanufacturing or processing facilities, is silencing (muting) the alarmsthat are considered to be nuisance. These are alarms that are activatedso often that they are considered to be of such little significance bythe operators, that they are regarded as unimportant disturbancesresulting from normal operations, so they are turned off or ignored likefire drills in office buildings. But such actions negate the value ofthe alarm system. For example, at an offshore refinery facility visitedin 2011 by the inventors, most of the “low priority” alarms had beensilenced. In fact, one of the reasons that the BP off shore accident inGulf of Mexico in 2010 (where 11 people died and 17 were injured) wasnot identified in its early stages was because an alarm had beensilenced after it had been going off in the middle of the night andawaking the workers.

Most safety activities are reactive and not proactive, and as a resultmany organizations wait for losses to occur before taking preventativesteps to prevent a recurrence. Near miss incidents often precede lossproducing events, but are either hidden within process operations andrelated data or are largely ignored because no injury, damage, or lossactually occurred. Thus, many opportunities to prevent an accident oradverse incident are lost. However, recognizing and reporting near missincidents, particularly measurable near misses, such as, for example, byalarms in an alarm-monitored plant/facility or by comparative data, canmake a major difference to the safety of workers within organizations,and often to the public at large, e.g., in the case of a nuclear-poweredfacility wherein in a systems failure poses a significantly high amountof risk. History has shown repeatedly that most loss producing events(accidents) were preceded by warnings or near-miss accidents.

Thus there is a need, not met until the present invention, for a“dynamic risk analyzer” (DRA) system that periodically analyzes realtime and historic data to assess operational risks and identifynear-misses of alarm and non-alarm based process variables, which arehidden as normal operating conditions and to send alert signals and/orreports to identify the hidden risk and to reduce or prevent adverseincidents or failures.

BRIEF DESCRIPTION OF THE FIGURES

The description discloses the invention that is illustrated withreference to the accompanying figures to advise one of ordinary skill inthe art of the characteristics and benefits of the invention. In thevarious views of the figures, like reference characters designate likeor similar parts, whereby:

FIG. 1 shows a DRA system of the present invention.

FIG. 2 shows a DRA system within a secured network with no remote accesswhere connectivity with the OPC server allows the DRA system to obtaincontinuous process data, as it gets measured and channeled out, withoutrequiring any direct communication with the industrial controls system(such as DCS, SCADA, or PLC devices).

FIG. 3 shows a petal chart for parameter P indicating its 7 values over7 time periods (days) where the value of P for March-5 is equal to r,which is indicated by the petal with length r.

FIGS. 4A, 4B, 4C show a presentation of a variation of parameter P over7 consecutive time intervals on the petal chart (FIG. 4A) having acomparative distinct visual advantage over a bar chart (FIG. 4B), andline chart (FIG. 4C) showing.

DESCRIPTION OF THE INVENTION

In general, and unless otherwise indicated, singular elements may be inplural and vice versa with no loss of generality.

As used herein, each of the following terms has the meaning associatedwith it in this application.

The phrase “process data” is used to refer to data resulting fromreal-time measurements of both alarm and non-alarm based processvariables associated with a plant/facility including temperature,pressure, and the like. More specifically, “process data” is thecollection of all or at least some of the values of process parametersthat are measured, recorded, and reported by the distributed controlsystem (DCS) for a process or plant, wherein a hierarchy of controllersis connected by communications networks for command and monitoring ofcontrol elements distributed throughout the system, or any other devicethat automatically measures the value of one or more variables andreports the data either in-real time or periodically, or both. Forexample, process data can include, but not be limited to, valuesincluding temperature measured in a reactor, at an inlet stream or anoutlet stream, pressure of a reactor, flow rate of a liquid or gas goinginto or out of a reactor, liquid level in a reactor or a tank, and thelike. In large industrial operations, there are hundreds of processvariables that can be measured and reported. An industrial manufacturingoperation centered around a reactor would have several parameters thatare associated with that “reactor unit” (reactor and its associatedperipheral equipment). Also there are, for example, several parametersassociated with a liquid flowing into a reactor including itstemperature, pressure, viscosity, etc. Together the values of all theseparameters comprise “process data.”

The phrase “real time” is used in its plain and ordinary meaning.

The phrase “distributed control system” or alternatively “DCS” is usedto refer to a system of processors used as controllers that implementproprietary interconnections, control strategies, and standardcommunications protocol for communication. Input and output modules formcomponent parts of the DCS. The processor receives information frominput modules and sends information to output modules. Linked into thewired and/or wireless network, the input modules receive informationfrom input instruments in the process or field and the output modulestransmit instructions to the output instruments in the field. The inputsand outputs can be, for example, either analog signal which arecontinuously changing or discrete signals which are 2 state either on oroff. Computer buses or electrical buses connect the processor andmodules through multiplexer or demultiplexers. Buses also connect thedistributed controllers with the central controller and finally to theHuman-machine interface (HMI) or control consoles. The elements of a DCSmay connect directly to physical equipment such as switches, pumps andvalves and to Human Machine Interface (HMI) via SCADA. The differencesbetween a DCS and SCADA is often subtle, especially with advances intechnology allowing the functionality of each to overlap.

The phrase “near-miss” is used herein to refer to something narrowlyavoided; a lucky escape. More specifically, a “near miss” for safetypurposes is an unplanned event that did not result in actual injury,illness, or damage—but had the potential to do so, especially if leftunaddressed.

The term “group” is used to refer to a collection of parameters thattypically share one or more common characteristic(s).

The phrase “hidden process near-miss” is used to refer to a near-missevent or a series of events (often not obvious to the plant/facilityoperators through naked eye) that can be identified within process dataof an operation. These events can be treated as precursors to accidents,hence, can be utilized by plant/facility operators as well as managementto improve the system performance and prevent potential accidents.

The phrase “risk results” is used to refer to information on hiddennear-misses that indicate events or variables or their groups thatexhibit risky or abnormal behavior.

The phrase “open platform communication” or alternatively “OPC” is usedto refer to interoperability standards for reliable and secure exchangeof data, between industrial hardware devices in the automation industry,developed by third-party vendors and solution providers. OPC standardsdefine protocols for accessing real-time data, alarms and events,historical data and other applications. The OPC Foundation(opcfoundation.org) is responsible for the development and maintenanceof the standards.

The phrase “OPC server” is used to refer to a commercially availableserver that is configured and functions in accordance with OPC standardsand protocols and allows easy access to process data and alarms withoutthe need to write vendor-specific programs.

The term “processor” is used to refer to a processor or processing unit,multiple processors, or multiple processing units, or other suitablyconfigured computing element.

This description of the invention is intended to be read in connectionwith the accompanying figures depicting embodiments of the invention.

Referring to FIGS. 1-2, the dynamic risk analyzer (DRA) comprises asystem for analyzing process data periodically (at a specificcalculation interval) to identify risk results in connection with riskanalysis processes for an operations site. The DRA system is useful foranalyzing the process risk levels of an operations site, e.g., amanufacturing, production, or processing facility, on a periodic basis(e.g., minute, hourly, daily, etc.) in real-time or historically, andidentifies hidden process near-misses. The DRA system is designedspecifically to address the needs of plant managers, engineers, andother operating personnel, who review risk status on a periodic basisand take strategic actions as needed.

An overview of the DRA system is shown generally in FIG. 1. The DRAsystem is a computer-based system that includes (1) a data collectioncomponent, to connect to data source such as OPC server or historian,etc.; (2) a computer-readable data storage medium consisting of arelational database and a key-value storage (NoSQL) solution; (3) a dataprocessor component, consisting of risk analysis methods and a processorsuch as a personal computer, a laptop computer, a workstation, a tabletcomputer, a smart-phone, and/or portable electronic device; and (4) adata presentation platform, such as a website, e.g., Internet orIntranet. The DRA system includes an integrated wired and/or wirelesscommunication network that links all of the components of the system.

The collection component functions by receiving process data from a datasource, such as an OPC server, historian, etc., in real-time orperiodically and storing the process data in the system's computerreadable data storage medium. DRA receives “process data” from an OPCserver or Historian at scheduled intervals (every second/minute/hour orother). The data from an OPC server can be stored in an archival serverand later accessed for online/offline analyses. An archival server canbe a historian system. Commercial historian systems are available in themarket (see http://en.wikipedia.org/wiki/Operational_historian), whichhave the capability to store large volumes of data, anywhere from a fewhundred data points per second to hundreds of thousands data points persecond. In addition, the archival server permits end-users to browse andretrieve the historical data for several years.

The computer-readable data storage medium comprises a database, such asa relational database, and a key-value storage (NoSQL) solution. Thecomputer readable storage medium functions by storing relevant processdata and risk results and subsequently making stored data available foraccess by other components of the DRA system. Standard commercial oropen-source packages can be used as the data storage medium. Forexample, MySQL, Microsoft SQL Server, and Oracle are suitable relationaldatabase solutions. Redis, MongoDB, or Oracle NoSQL can be used askey-value storage. The combination of relational and NoSQL databasesallows DRA system to handle large volumes of data reliably.Alternatively, the data storage medium can include, but not be limitedto, volatile memory, non-volatile memory, magnetic and optical storagedevices such as disk drives, magnetic tape, CDs (compact discs), DVDs(digital versatile discs or digital video discs), removable storage, orother media capable of storing code and/or data, now known or laterdeveloped. All of the process data and risk results can reside on thecomputer-readable data storage medium related to a company's securedserver and network that is in communication with the DRA system and arenot communicated to the external world. The DRA system is designed tocontinue operation perpetually, without any user intervention.

The data processor functions by analyzing collected and/or stored datato identify hidden near-miss risks. The data processor may be anyelectronic device cable of processing, receiving, and/or transmittinginstructions. For example, the processor may be a microprocessor or amicrocomputer. The data processing component begins calculationsstarting at every T intervals (where the value of T is between 1-minuteto 1-month, with the typical value being 1-day)—based on the methods,such as DRA100, DRA200, DRA300, LI100, and LI200, among others, asdescribed in U.S. Pat. No. 8,884,759, the entirety of which isincorporated herein by reference, to obtain the risk results that areused to alter or correct a problem in an operation. Depending upon thenumber of variables and/or groups being analyzed, length of timeinterval ‘T’, and server speed, the data processing can take anywherefrom a few seconds to several minutes or hours or days.

The data presentation platform, such as an Internet or Intranet website,functions by visually presenting risk results identified by the dataprocessor on a computer display. The data presentation componentcomprises a web application that serves different web pages (dashboards)within DRA to allow the user to browse the risk results. The latest riskresults are added once the data processing is complete. There areseveral system-based services that run continuously to support user(client) interaction with the DRA system. In an embodiment, the datapresentation component can include a petal chart, which comprises a newmethod of presenting variation of risk values with time.

The petal chart is introduced to show variation of a parameter P overdiscrete time periods, which can be any measureable time period, such asa minutes, hours, days, weeks, months, years, etc. The different valuesof the parameter P are graphically displayed as petals next to eachother relative to the discrete time period. The total number of petalsin a given chart can range anywhere from 1 to 360, which a value being7, for example. The length of a given petal indicates the value of theparameter for a given time value. If we assume that P∈[0, R], where R isa positive real number, then the radii of the outer and innersemicircles are equal to R+R₀, where R₀ is a real number greater thanzero and can be chosen by an analyst. The maximum value of P is shown bya petal whose edge touches the outer circle of the Petal Chart. Theinclusion of an outer circle depicted on a petal chart is optional.Also, in reference to FIG. 3, the angle spread of the petal chart aroundthe center of the petal chart is 180 degrees which can be a typicalvalue. However, petal charts can have an angle spread equal to 90°around the center of the petal chart, or alternatively an angle value ofbetween 30° to 180° can also be plotted on a petal chart.

For example, FIG. 3 shows a petal chart for parameter P indicating 7values for parameter P calculated for 7 time periods, which in this caseeach time period equals one day. Note that the value of parameter P forMarch 5 (3/5) is equal to r, which is indicated by the petal with lengthr. Using this concept, the calculated metrics identified in U.S. Pat.No. 8,884,759 such as the dynamic risk index, the compounded risk score,the number of abnormal events, the time segment values, etc., can beplotted with a petal chart.

Referring now to FIGS. 4a-4c , the petal chart has a distinct visualadvantage over bar charts and line charts. The variation of parameter Pfor 7 consecutive time intervals, wherein each time interval is a day,is plotted using a petal chart (FIG. 4a ), a bar chart (FIG. 4b ), and aline chart (FIG. 4c ). In FIG. 4a , the area displayed by each petal,e.g., for March 5 (3/5), is equal to θ(r₁ ²+2r₁R₀), wherein θ is theangle spread for the petal, with origin at the center point of the petalchart. Thus, the ratio of areas of petals for March 5 (3/5) and March 4(3/4) is equal to (r₁ ²+2r₁R₀)/(r₂ ²+2r₂R₀). For the special case whenR₀<<r₁, r₂, this ratio is equal to r₁ ²/r₂ ². In comparison, the barchart shown in FIG. 4b shows the ratio of areas of bars for March 5(3/5) and March 4 (3/4) with heights equal to r₁ and r₂, is equal tor₁/r₂. Similarly, the line chart shown in FIG. 4c shows the ratio ofheights of data points for March 5 (3/5) and March 4 (3/4) is equal tor₁/r₂. This means that the relative visual impact of the value ofparameter P for March 5 (3/5) with respect to that of March 4 (3/4) ismore visually significant in the petal chart, when compared to thepresentation of the same values for parameter P in a bar chart and aline chart. Hence, the petal chart highlights the relative differencebetween data points better than that depicted with traditional barcharts and line charts. The petal chart is especially beneficial foroperations sites, where the end-users are busy engineers and operatorswho benefit from quickly viewing the relative difference betweenconsecutive data points.

The DRA system integrated into an operations environment is shown inFIG. 2. Connectivity with the OPC server allows DRA system to obtaincontinuous process data, as it gets measured and channeled out, withoutrequiring any direct communication with the industrial controls system,such as DCS, SCADA, or PLC devices. Alternatively, the DRA system canextract the process data from the Historian in real-time or at periodicintervals, e.g., every second, minute, hour, or any other time interval.Once the process data begins to arrive, the DRA system calculates “riskresults” at every T interval, where the value of T can be between1-minute to 1-month or other time parameter, with the value being 1-dayin an embodiment.

The DRA can automatically identify hidden process near-misses that canpotentially lead to accidents having a major impact on safety,operability, quality, and/or business.

The methods to obtain process data are defined in U.S. Pat. No.8,884,759, the entirety of which is incorporated herein by reference,and more specifically can include methods such as DRA100, DRA200,DRA300, LI100, and LI200, among others. The DRA functions to analyzeprocess data to identify hidden process near-misses and to report,record, and use the identified information, e.g., risk results, forsystem improvement purposes.

Often, in industrial operations, the number of process parameters islarge. To facilitate the review and analysis of their risk results, theDRA system allows the users to aggregate the process parameters in“groups” which enables the busy operating personnel to obtain a quickhigh-level view of developing risks in the operations. The parameters ina group may or may not be causally related to each other. For example,in a typical plant operations, groups such as reactors, vessels, pumps,condensers, etc., can be defined.

The risk results are available via a web interface to operating teammembers, also known as end-users, who have access to a company'sintranet portal. Operating team member can include plant managers,operational engineers, supervisors, operators, etc. The risk results canbe presented using intuitive charts/dashboards in the DRA system thatallow the end-users to identify hidden risks or hidden near-misses attheir early stages and take strategic corrective actions to avoidadverse incidents, shutdowns, and catastrophes. Many times, the hiddenrisks or hidden near-misses are not patently obvious or readilyavailable to the human eye, in spite of the operating personnelconducting daily process monitoring including shift logs review,communications with field operators, trend visualization of key processparameters, etc. The risk results calculated and communicated by the DRAsystem to the operating personnel present a new dimension of knowledgethat not only allows the savings in time of identifying where theattention is needed, but also makes risks transparent among the entireoperations staff—which is often times, not clear, nor well understood.

The methods and processes described in the disclosure of the inventioncan be embodied as code and/or data, which can be stored in thecomputer-readable storage medium as described above. When a computersystem reads and executes the code and/or data stored on thecomputer-readable storage medium, the computer system performs themethods and processes embodied as data structures and code and storedwithin the computer-readable storage medium.

While the invention is described in conjunction with specificembodiments, many alternatives, modifications, permutations andvariations will become apparent to those skilled in the art in light ofthe foregoing description. Accordingly, it is intended that theinvention embraces all such alternatives, modifications, permutationsand variations as falling within the scope of the claims below.

We claim:
 1. A system for predicting risk levels for manufacturing operations with risk indicators comprising: a server that receives process data from a real-time data source and/or a historical archive data source comprising a relational database with a key-value storage solution; a processor that analyzes values of parameters P and/or groups G of said parameters P of said process data at time interval T to identify operational risk and/or near-miss risk that would otherwise be unknown or concealed in parameters P, whereby said operational risk and/or near-miss risk may be used for strategic corrective action; and a display that presents said operational risk and/or near-miss risk in a graphic that visually depicts a plotted value V of parameter(s) P of said operational risk and/or near-miss risk in time interval T relationally within time period TP; wherein said system continuously and autonomously operates contemporaneously with said manufacturing operation.
 2. A method for dynamic prediction of risk levels in a manufacturing operation comprising: identifying risk and/or near-miss risk of said manufacturing operation that would otherwise be unknown or concealed in parameters P and/or groups G of said parameters P of process data, said process data comprising: data collected from said manufacturing operation and processed in either (a) real-time or (b) from an archive server having a relational database with a key-value storage solution, or both; and displaying said risk or near-miss risk in a graphic that visually reports a plotted value V of parameter(s) P of said risk or near-miss risk relationally within time T period, whereby said plotted value V is displayed with a variable visual indicator corresponding with magnitude of said plotted value V; wherein said method is performed continuously and autonomously.
 3. A display system for risk indicators for a manufacturing operation comprising: identifying risk and/or near-miss risk of said manufacturing operation that would otherwise be unknown or concealed in parameters P and/or groups G of said parameters P of process data in either real-time and/or historically from an archive server having a relational database with a key-value storage solution; plotting parameter P of said risk and/or near-miss risk on a circular or semi-circular chart of graphic visual indicators comprising: a petal for P parameter at each T time interval; said petal comprising an area plotted with a radius R having a maximum and minimum reportable length and an angle spread greater than 1 degree, wherein said length of said radius R corresponds with a magnitude of said parameter P at said T time interval and partially determines said area of said petal displayed on said chart; and displaying said parameter P at a time interval on said chart over a predetermined time period TP. 